JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.131.193

138.197.131.193 was found in our database!

This IP was reported 107 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.131.193

Whois 138.197.131.193

IP Abuse Reports for 138.197.131.193:

This IP address has been reported a total of 107 times from 105 distinct sources. 138.197.131.193 was first reported on April 8th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 flow1234	2026-06-20 06:00:14 (6 days ago)	SSH/Telnet honeypot (Cowrie) — brute-force/login attempts logged 2026-06-20	Brute-Force SSH Hacking
🇫🇷 SiyCah	2026-06-20 06:00:06 (6 days ago)	138.197.131.193 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total tim ... show more 138.197.131.193 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time wasted: 3s. Total bytes sent by tarpit: 354B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇫🇮 hellasleeper	2026-06-19 14:28:43 (6 days ago)	SSH honeypot attacker (Cowrie) on Hermes-NOC	Port Scan Brute-Force
🇫🇮 hellasleeper	2026-06-19 12:00:36 (6 days ago)	SSH honeypot attacker on Hermes-NOC. C2: Cobalt Strike (50% confidence). Risk: high (47). Ports: [44 ... show more SSH honeypot attacker on Hermes-NOC. C2: Cobalt Strike (50% confidence). Risk: high (47). Ports: [443, 22] show less	Port Scan Hacking Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-19 10:50:44 (6 days ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇩🇪 alps.one	2026-06-19 10:50:15 (6 days ago)	Jun 19 12:35:06 backup sshd[2439907]: Invalid user sol from 138.197.131.193 port 43736 Jun 19 12:39: ... show more Jun 19 12:35:06 backup sshd[2439907]: Invalid user sol from 138.197.131.193 port 43736 Jun 19 12:39:04 backup sshd[2440112]: Invalid user eth-docker from 138.197.131.193 port 47358 Jun 19 12:43:06 backup sshd[2440375]: Invalid user eth from 138.197.131.193 port 47086 Jun 19 12:46:45 backup sshd[2440622]: Invalid user ethereum from 138.197.131.193 port 42226 Jun 19 12:50:14 backup sshd[2440797]: Invalid user ethdo from 138.197.131.193 port 41486 show less	Brute-Force SSH
Anonymous	2026-06-19 10:50:07 (6 days ago)	2026-06-19T10:34:55.654361 orion-monitor sshd[1531575]: Invalid user sol from 138.197.131.193 port 3 ... show more 2026-06-19T10:34:55.654361 orion-monitor sshd[1531575]: Invalid user sol from 138.197.131.193 port 37732 2026-06-19T10:38:55.646011 orion-monitor sshd[1531610]: Invalid user eth-docker from 138.197.131.193 port 53046 2026-06-19T10:42:56.833795 orion-monitor sshd[1531663]: Invalid user eth from 138.197.131.193 port 33850 2026-06-19T10:46:36.977868 orion-monitor sshd[1531676]: Invalid user ethereum from 138.197.131.193 port 48736 2026-06-19T10:50:06.835934 orion-monitor sshd[1531735]: Invalid user ethdo from 138.197.131.193 port 58732 ... show less	Brute-Force SSH
🇫🇮 sapphic.moe	2026-06-19 10:50:02 (6 days ago)		Brute-Force SSH
🇫🇷 asemen	2026-06-19 10:47:47 (6 days ago)	2026-06-19T12:40:13.484133mbox.semen.de sshd[447283]: Invalid user eth-docker from 138.197.131.193 p ... show more 2026-06-19T12:40:13.484133mbox.semen.de sshd[447283]: Invalid user eth-docker from 138.197.131.193 port 59408 2026-06-19T12:40:13.586248mbox.semen.de sshd[447283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.131.193 2026-06-19T12:40:15.749292mbox.semen.de sshd[447283]: Failed password for invalid user eth-docker from 138.197.131.193 port 59408 ssh2 2026-06-19T12:44:12.178191mbox.semen.de sshd[448628]: Invalid user eth from 138.197.131.193 port 54040 2026-06-19T12:44:12.724672mbox.semen.de sshd[448628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.131.193 2026-06-19T12:44:14.697764mbox.semen.de sshd[448628]: Failed password for invalid user eth from 138.197.131.193 port 54040 ssh2 2026-06-19T12:47:45.418114mbox.semen.de sshd[449838]: Invalid user ethereum from 138.197.131.193 port 37518 ... show less	Port Scan Brute-Force SSH
Anonymous	2026-06-19 10:47:19 (6 days ago)	[web.zebs.ch] ssh-invalid-user: logs=/var/log/secure; samples=Jun 19 13:43:10 web sshd[22665]: Inval ... show more [web.zebs.ch] ssh-invalid-user: logs=/var/log/secure; samples=Jun 19 13:43:10 web sshd[22665]: Invalid user eth from 138.197.131.193 port 49570 \| Jun 19 13:43:12 web sshd[22665]: Failed password for invalid user eth from 138.197.131.193 port 49570 ssh2 \| Jun 19 13:46:49 web sshd[22779]: Invalid user ethereum from 138.197.131.193 port 45500 show less	Brute-Force SSH
🇩🇪 JavaStart	2026-06-19 10:45:55 (6 days ago)	Jun 19 12:38:12 vmi174663 sshd[1360619]: Failed password for invalid user sol from 138.197.131.193 p ... show more Jun 19 12:38:12 vmi174663 sshd[1360619]: Failed password for invalid user sol from 138.197.131.193 port 60208 ssh2 Jun 19 12:42:09 vmi174663 sshd[1361720]: Invalid user eth-docker from 138.197.131.193 port 60780 Jun 19 12:42:09 vmi174663 sshd[1361720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.131.193 Jun 19 12:42:11 vmi174663 sshd[1361720]: Failed password for invalid user eth-docker from 138.197.131.193 port 60780 ssh2 Jun 19 12:45:55 vmi174663 sshd[1362577]: Invalid user eth from 138.197.131.193 port 44416 ... show less	Brute-Force SSH
🇫🇮 SamJUK	2026-06-19 10:45:25 (6 days ago)	2026-06-19T10:37:40.737099+00:00 hostname sshd[865605]: Failed password for invalid user sol from 13 ... show more 2026-06-19T10:37:40.737099+00:00 hostname sshd[865605]: Failed password for invalid user sol from 138.197.131.193 port 36298 ssh2 2026-06-19T10:41:34.585784+00:00 hostname sshd[865697]: Invalid user eth-docker from 138.197.131.193 port 54562 2026-06-19T10:41:34.698709+00:00 hostname sshd[865697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.131.193 2026-06-19T10:41:36.646948+00:00 hostname sshd[865697]: Failed password for invalid user eth-docker from 138.197.131.193 port 54562 ssh2 2026-06-19T10:45:24.872468+00:00 hostname sshd[865763]: Invalid user eth from 138.197.131.193 port 53678 ... show less	Brute-Force SSH
🇩🇪 kkw	2026-06-19 10:45:22 (6 days ago)	2026-06-19T12:37:34.788671+02:00 psifactor sshd-session[1761990]: Invalid user sol from 138.197.131. ... show more 2026-06-19T12:37:34.788671+02:00 psifactor sshd-session[1761990]: Invalid user sol from 138.197.131.193 port 57844 2026-06-19T12:41:30.155153+02:00 psifactor sshd-session[1763218]: Connection from 138.197.131.193 port 49598 on 195.201.203.35 port 22 rdomain "" 2026-06-19T12:41:30.496350+02:00 psifactor sshd-session[1763218]: Invalid user eth-docker from 138.197.131.193 port 49598 2026-06-19T12:45:21.073124+02:00 psifactor sshd-session[1764316]: Connection from 138.197.131.193 port 39946 on 195.201.203.35 port 22 rdomain "" 2026-06-19T12:45:21.424513+02:00 psifactor sshd-session[1764316]: Invalid user eth from 138.197.131.193 port 39946 ... (mode: normal) show less	Brute-Force SSH
Anonymous	2026-06-19 10:45:16 (6 days ago)	2026-06-19T10:37:28.915763+00:00 vpn01 sshd[3846201]: Invalid user sol from 138.197.131.193 port 367 ... show more 2026-06-19T10:37:28.915763+00:00 vpn01 sshd[3846201]: Invalid user sol from 138.197.131.193 port 36782 2026-06-19T10:41:24.112230+00:00 vpn01 sshd[3846369]: Invalid user eth-docker from 138.197.131.193 port 46030 2026-06-19T10:45:16.002392+00:00 vpn01 sshd[3846517]: Invalid user eth from 138.197.131.193 port 34898 ... show less	Brute-Force SSH
🇩🇪 XICTRON	2026-06-19 10:45:07 (6 days ago)	SSH brute-force attempt detected by Fail2Ban	SSH

Showing 1 to 15 of 107 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 216.226.76.30

🇺🇸 199.195.254.30

🇳🇱 193.142.200.111

🇷🇺 178.177.40.170

🇺🇸 165.154.173.74

🇺🇸 162.216.150.89

🇳🇬 152.32.143.189

🇺🇸 147.185.132.250

🇸🇬 203.116.129.55

🇹🇼 202.39.153.245

🇪🇸 185.123.204.86

🇺🇸 162.216.150.113

🇺🇸 147.185.132.251

🇺🇸 104.43.131.157

🇨🇦 85.217.149.3

🇺🇸 66.132.172.189

🇱🇹 62.60.130.219

🇺🇸 47.251.250.61

🇬🇧 35.203.210.51

🇮🇹 4.232.94.242